|
Title: My experience registering for dwolla was pure hell Post by: Minsc on July 21, 2011, 01:22:04 AM 50 tries to register
Either (a) the captcha, (b) my pin that I reenter they they falsely don't recognize it as a number. And each time the form doesn't work, I have to re-enter my password, re-enter the pin, re-enter the CAPTCHA. And of course it makes the password have to have a capital letter, which isn't any safer, just is a pain. And after registering, the same password that I just entered 50 times suddenly does not work because the website is sadistic. So I have to do password recovery to be able to log into my account. Signs of a terrible website. Title: Re: My experience registering for dwolla was pure hell Post by: Stephen Gornick on July 21, 2011, 06:46:31 AM (b) my pin that I reenter they they falsely don't recognize it as a number. If you are pasting the PIN instead of typing the entry, perhaps the paste includes characters other than just the PIN? And of course it makes the password have to have a capital letter, which isn't any safer, just is a pain. Lowercase passwords are cracked faster (and thus, less-safe) than a mix that includes uppercase. May I suggest having KeePass create a strong password for you? And after registering, the same password that I just entered 50 times suddenly does not work because the website is sadistic. So I have to do password recovery to be able to log into my account. If the site keeps "forgetting the password," it is quite possible that someone else is resetting the password and that you just don't know about it. i.e., if your e-mail is compromised, then whomever has access to your e-mail can oftentimes get the password reset on another site fairly easily. With Dwolla if the adversary knows your Dwolla ID#, Ph# and D.O.B. and has access to your e-mail those are all that is needed to first reset your Dwolla PIN and then to reset your Dwolla password. The adversary would then hide the evidence by deleting the e-mails that those steps produced. And the next time you attempt to log in to Dwolla, boom -- the old password no longer works. Title: Re: My experience registering for dwolla was pure hell Post by: Lord T on July 21, 2011, 10:09:47 AM With Dwolla if the adversary knows your Dwolla ID#, Ph# and D.O.B. and has access to your e-mail those are all that is needed to first reset your Dwolla PIN and then to reset your Dwolla password. The adversary would then hide the evidence by deleting the e-mails that those steps produced. If someone had access to all that then more than that account would be compromised. I would be truly right to be paranoid. Title: Re: My experience registering for dwolla was pure hell Post by: ccgr on July 21, 2011, 01:55:26 PM The capcha took me a couple tries too but I got it working.
Title: Re: My experience registering for dwolla was pure hell Post by: nookngood on July 21, 2011, 06:37:26 PM Seconding keepassx for storing passwords. Stronger passwords at a minimal risk of losing the db or someone gaining access to your db.
Title: Re: My experience registering for dwolla was pure hell Post by: RodeoX on July 21, 2011, 06:55:10 PM I set up a dwolla account recently. It made me more confident that bitcoin has no competition. I experienced many of the same problems you did, and it freakin took forever! (well, two weeks)
|